EFFORT: Efficient and Effective Bot Malware Detection

To detect bots, a lot of detection approaches have been proposed at host or network level so far and both approaches have clear advantages and disadvantages. In this paper, the authors propose effort, a new host-network cooperated detection framework attempting to overcome shortcomings of both approaches while still keeping both advantages, i.e., effectiveness and efficiency. Based on intrinsic characteristics of bots, they propose a multi-module approach to correlate information from different host- and network-level aspects and design a multilayered architecture to efficiently coordinate modules to perform heavy monitoring only when necessary.